<?php
session_start();
/**
 * NetEase Yunxin (网易云信) server API usage example 1.6
 * @author  hzchensheng15@corp.netease.com
 * @date    2015-10-28  10:30
 */

// Usage example
require './ServerAPI.php';

// Provider credentials. They are blank in this sample; in a deployment they
// are secrets and belong in configuration kept outside the web root and out
// of version control, not in this file.
$AppKey = '';
$AppSecret = '';

// The third constructor argument selects the HTTP transport.
// $p = new ServerAPI($AppKey, $AppSecret, 'fsockopen');    // hand-built request over fsockopen
$p = new ServerAPI($AppKey, $AppSecret, 'curl');            // PHP cURL extension
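/**
 * Generate a random string of $length characters.
 *
 * Every character is drawn with random_int(), i.e. from the platform CSPRNG.
 * The result is used as an SMS verification code, and mt_rand() output is
 * predictable from observed values, so it must not be used for that purpose.
 * Requires PHP 7.0 or later.
 *
 * Drawing one digit at a time also removes the pow(10, $length) bound, which
 * stops being an integer once $length exceeds the platform integer width.
 *
 * @param int      $length  Number of characters to produce.
 * @param int|bool $numeric Truthy: decimal digits only (leading zeros are
 *                          possible). Falsy: letters and digits from an
 *                          alphabet that omits I, O, i, l, o, 0 and 1
 *                          (apparently to avoid look-alike characters).
 * @return string The generated string; empty when $length is 0 or negative.
 * @throws \Exception When no suitable source of randomness is available.
 */
function random($length = 6 , $numeric = 0) {
    $alphabet = $numeric
        ? '0123456789'
        : 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789abcdefghjkmnpqrstuvwxyz';
    $lastIndex = strlen($alphabet) - 1;

    $hash = '';
    for ($i = 0; $i < $length; $i++) {
        $hash .= $alphabet[random_int(0, $lastIndex)];
    }
    return $hash;
}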
/**
 * Trim a request value and stop the request if it matches a keyword denylist.
 *
 * The pattern is matched case-insensitively anywhere in the value, without
 * word boundaries, so ordinary text containing "or", "and", "into", "table",
 * etc. is rejected as well. On a match the function prints a JavaScript
 * alert (message: "the information you entered contains illegal characters")
 * followed by history.go(-1), then terminates the script.
 *
 * NOTE(review): keyword denylists are not a dependable injection defence.
 * Callers should validate each field against the format it is allowed to have
 * (for example digits only for a phone number), and use parameterised queries
 * and context-specific output encoding wherever the value is later used.
 *
 * NOTE(review): the literal 'chark_sheng' is exempt from the check; the reason
 * is not visible in this file, so confirm it is still needed.
 *
 * @param string $strsql Raw value to check.
 * @return string The trimmed value, when the request is allowed to continue.
 */
function checkstr($strsql)
{
    $strsql = trim($strsql);
    $denylist = '/select|or|and|char|create|drop|database|table|insert|script|function|update|delete|exec|system|passthru|shell_exec|<|\`|\%|\"|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile/i';

    // Nothing on the denylist: pass the trimmed value through.
    if (!preg_match($denylist, $strsql)) {
        return $strsql;
    }

    // Hard-coded exemption (the value contains "char" and would otherwise be rejected).
    if ($strsql === 'chark_sheng') {
        return $strsql;
    }

    echo "<script language='javascript'>alert('您输入的信息存在非法字符！');history.go(-1)</script>";
    exit;
}

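// ---------------------------------------------------------------------------
// Request handling: issue a 6-digit verification code for ?phone=...&nat=...
//
// Input : $_GET['phone'] (required), $_GET['nat'] (country code, default 86).
// Output: one JSON object {"res": ...}; the script always exits afterwards.
// State : $_SESSION['mobile'], ['mobile_code'], ['nat'] and a per-number
//         timestamp under "a<phone>" used for the 60-second limit.
// ---------------------------------------------------------------------------

// A missing or non-string parameter (e.g. ?phone[]=x) is treated as empty so
// it reaches the "phone number required" answer instead of failing in trim().
$rawPhone = (isset($_GET['phone']) && is_string($_GET['phone'])) ? $_GET['phone'] : '';
$mobile = checkstr($rawPhone);
$mobile_code = random(6, 1);

if (empty($mobile)) {
    // "The phone number must not be empty"
    echo json_encode(array('res' => '手机号码不能为空'));
    exit;
}

// NOTE(review): this limit is stored in the caller's own session, so a client
// that discards its session cookie is not limited at all. Per-number and
// per-source limits need to be enforced in server-side storage.
$throttleKey = 'a' . $mobile;
if (!empty($_SESSION[$throttleKey]) && time() - $_SESSION[$throttleKey] < 60) {
    // "Only one SMS may be sent per minute!"
    echo json_encode(array('res' => "一分钟只允许发一次短信！"));
    exit;
}

$nat = (isset($_GET['nat']) && is_string($_GET['nat'])) ? checkstr($_GET['nat']) : 86;

// Remember what was issued so the verifying step can compare against it.
// NOTE(review): no expiry or attempt counter for the code is visible on this
// page; the endpoint that checks the code should enforce both.
$_SESSION[$throttleKey] = time();
$_SESSION['mobile'] = $mobile;
$_SESSION['mobile_code'] = $mobile_code;
$_SESSION['nat'] = $nat;

// Loose comparison kept on purpose: $nat is either the integer default or a
// string from the query, and numeric strings such as "086" count as 86.
if ($nat != 86) {
    // NOTE(review): no SMS is sent for non-86 numbers; the code is returned
    // to the requester in the response body, so it proves nothing about
    // control of the phone. Treat this path as a test stub only.
    echo json_encode(array('res' => $mobile_code));
    exit;
}

// The provider call is disabled in this sample:
//   $result = $p->sendSMSTemplate('3049631', array($mobile), array($mobile_code));
//   success was detected with $result['code'] == 200, otherwise 'res' => "failed".
// $result is defined explicitly so the branch below does not read an
// undefined variable.
$result = null;

if (!$result) {
    // NOTE(review): with the send disabled this branch always runs and hands
    // the verification code to the requester. Once sending is restored, the
    // response should carry only a status message and the code should reach
    // the user through the SMS channel alone.
    echo json_encode(array('res' => $mobile_code));
} else {
    echo json_encode(array('res' => "Send successfully, please check!"));
}
exit;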
?>